[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
New Pentium Bug
- To: tech_(_at_)_openbsd_(_dot_)_org
- Subject: New Pentium Bug
- From: Doctor Who <drwho_(_at_)_shell_(_dot_)_sinister_(_dot_)_com>
- Date: Sat, 8 Nov 1997 14:29:14 -0500 (EST)
In case anyone hasn't heard, there is a bug in the Pentium and Pentium-MMX
chips called the "Pentium FO" bug. A few instructions can cause it to
I'll skip the rant again Intel here, because I am sure others can rant
better than I. I am sure the people on non-intel platforms have a big "I
told you so" smirk on their face.
What to do? Other than a hardware fix (Do you think Intel will offer to
replace the chips? I doubt it), an upgrade (I don't know if Pentium-II
and P-Pro are vulnerable, but that is besides the point), or an
architecture change (ouch), or not letting users upload and run their own
programs (doesn't make a shell machine too useful), some operating system
hack is needed.
Until I learn more about the bug, this is all just a shot in the dark.
Some sort of "wrapper", in the shell, that checks the program for naughty
code before running it is the best thing I can think of. Of course, this
is going to eat some CPU time, and isn't undefeatable.
Another method, which could possibly save a bit on the overhead of
checking before running, is a 'validation' system that checks the code
before running it the first time, keeps a MD5 signature of a program that
passes, and checks a list of 'validated' programs before doing the
So this is just off the top of my head. If I have totally overlooked
something, please let me know in a kind and gentle manner.